CVE-2024-38752

Name of the Vulnerable Software and Affected Versions Zoho Campaigns versions n/a through 2.0.8

Description The issue affects Zoho Campaigns, allowing Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation. This enables an attacker to inject malicious scripts into web pages.

Recommendations For versions n/a through 2.0.8, update to a version later than 2.0.8 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of Cross-Site Scripting (XSS) attacks until a patch is available.